VAR-201908-1958
Vulnerability from variot - Updated: 2026-04-10 23:16The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. The issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device. An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. This advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability.
This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64
Bug Fix(es):
-
Backport TCP follow-up for small buffers (BZ#1739184)
-
TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)
-
RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test (Marvell/Cavium/QLogic) (L3:) (BZ#1743548)
-
block: blk-mq improvement (BZ#1780567)
-
RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during RHEL8.0 validation for SAP HANA on POWER (BZ#1781111)
-
blk-mq: overwirte performance drops on real MQ device (BZ#1782183)
-
RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads to drain out system memory quickly. (BZ#1782705)
-
7) - aarch64, noarch, ppc64le
Bug Fix(es):
-
kernel modules pkey and paes_s390 are not available (BZ#1719192)
-
pkey: Indicate old mkvp only if old and curr. mkvp are different (BZ#1720621)
-
System dropped into Mon running softboots Exception: 501 (Hardware Interrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi) (BZ#1737563)
-
kernel: jump label transformation performance (BZ#1739143)
-
Backport i40e MDD detection removal for PFs (BZ#1747618)
-
7.5) - ppc64, ppc64le, x86_64
Bug Fix(es):
-
TCP packets are segmented when sent to the VLAN device when coming from VXLAN dev. 7.6) - ppc64le, x86_64
-
Description:
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
Bug Fix(es):
-
kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)
Bug Fix(es):
-
update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)
-
========================================================================== Ubuntu Security Notice USN-4147-1 October 04, 2019
linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.04
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-snapdragon: Linux kernel for Snapdragon processors - linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems - linux-hwe: Linux hardware enablement (HWE) kernel
Details:
It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136)
It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)
It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13631)
It was discovered that an out-of-bounds read existed in the QLogic QEDI iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-15090)
Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117)
Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118)
It was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2019-15211)
It was discovered at a double-free error existed in the USB Rio 500 device driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-15212)
It was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15215)
It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15220)
Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. (CVE-2019-15538)
It was discovered that the Hisilicon HNS3 ethernet device driver in the Linux kernel contained an out of bounds access vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2019-15925)
It was discovered that the Atheros mobile chipset driver in the Linux kernel did not properly validate data in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2019-15926)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. A physically proximate attacker could use this to expose sensitive information. (CVE-2019-9506)
It was discovered that ZR364XX Camera USB device driver for the Linux kernel did not properly initialize memory. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15217)
It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel made improper assumptions about the device characteristics. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2019-15218)
It was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15221)
It was discovered that the Line 6 USB driver for the Linux kernel contained a race condition when the device was disconnected. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15223)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.04: linux-image-5.0.0-1018-aws 5.0.0-1018.20 linux-image-5.0.0-1019-kvm 5.0.0-1019.20 linux-image-5.0.0-1019-raspi2 5.0.0-1019.19 linux-image-5.0.0-1020-gcp 5.0.0-1020.20 linux-image-5.0.0-1022-azure 5.0.0-1022.23 linux-image-5.0.0-1023-snapdragon 5.0.0-1023.24 linux-image-5.0.0-31-generic 5.0.0-31.33 linux-image-5.0.0-31-generic-lpae 5.0.0-31.33 linux-image-5.0.0-31-lowlatency 5.0.0-31.33 linux-image-aws 5.0.0.1018.19 linux-image-azure 5.0.0.1022.21 linux-image-gcp 5.0.0.1020.46 linux-image-generic 5.0.0.31.32 linux-image-generic-lpae 5.0.0.31.32 linux-image-gke 5.0.0.1020.46 linux-image-kvm 5.0.0.1019.19 linux-image-lowlatency 5.0.0.31.32 linux-image-raspi2 5.0.0.1019.16 linux-image-snapdragon 5.0.0.1023.16 linux-image-virtual 5.0.0.31.32
Ubuntu 18.04 LTS: linux-image-5.0.0-1020-gke 5.0.0-1020.20~18.04.1 linux-image-5.0.0-31-generic 5.0.0-31.33~18.04.1 linux-image-5.0.0-31-generic-lpae 5.0.0-31.33~18.04.1 linux-image-5.0.0-31-lowlatency 5.0.0-31.33~18.04.1 linux-image-generic-hwe-18.04 5.0.0.31.88 linux-image-generic-lpae-hwe-18.04 5.0.0.31.88 linux-image-gke-5.0 5.0.0.1020.9 linux-image-lowlatency-hwe-18.04 5.0.0.31.88 linux-image-snapdragon-hwe-18.04 5.0.0.31.88 linux-image-virtual-hwe-18.04 5.0.0.31.88
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://usn.ubuntu.com/4147-1 CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090, CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212, CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925, CVE-2019-15926, CVE-2019-9506
Package Information: https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33 https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20 https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23 https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20 https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20 https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19 https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24 https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1 https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3
watchOS 5.3 addresses the following:
Bluetooth Available for: Apple Watch Series 1 and later Impact: An attacker in a privileged network position may be able to intercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB) Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation. CVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Kasper Rasmussen of University of Oxford, England Entry added August 13, 2019
Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero
Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8647: Samuel Groß and Natalie Silvanovich of Google Project Zero
Core Data Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8660: Samuel Groß and Natalie Silvanovich of Google Project Zero
Digital Touch Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8624: Natalie Silvanovich of Google Project Zero
FaceTime Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu
Foundation Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8641: Samuel Groß and Natalie Silvanovich of Google Project Zero
Heimdal Available for: Apple Watch Series 1 and later Impact: An issue existed in Samba that may allow attackers to perform unauthorized actions by intercepting communications between services Description: This issue was addressed with improved checks to prevent unauthorized actions. CVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team and Catalyst
libxslt Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to view sensitive information Description: A stack overflow was addressed with improved input validation. CVE-2019-13118: found by OSS-Fuzz
Messages Available for: Apple Watch Series 1 and later Impact: Users removed from an iMessage conversation may still be able to alter state Description: This issue was addressed with improved checks. CVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of University of Oregon
Messages Available for: Apple Watch Series 1 and later Impact: A remote attacker may cause an unexpected application termination Description: A denial of service issue was addressed with improved validation. CVE-2019-8665: Michael Hernandez of XYZ Marketing
Quick Look Available for: Apple Watch Series 1 and later Impact: An attacker may be able to trigger a use-after-free in an application deserializing an untrusted NSDictionary Description: This issue was addressed with improved checks. CVE-2019-8662: Natalie Silvanovich and Samuel Groß of Google Project Zero
Siri Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to leak memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8646: Natalie Silvanovich of Google Project Zero
UIFoundation Available for: Apple Watch Series 1 and later Impact: Parsing a maliciously crafted office document may lead to an unexpected application termination or arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8657: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
Wallet Available for: Apple Watch Series 1 and later Impact: A user may inadvertently complete an in-app purchase while on the lock screen Description: The issue was addressed with improved UI handling. CVE-2019-8682: Jeff Braswell (JeffBraswell.com)
WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: A logic issue was addressed with improved state management. CVE-2019-8658: akayn working with Trend Micro's Zero Day Initiative
WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8669: akayn working with Trend Micro's Zero Day Initiative CVE-2019-8672: Samuel Groß of Google Project Zero CVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech CVE-2019-8683: lokihardt of Google Project Zero CVE-2019-8684: lokihardt of Google Project Zero CVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech, Ken Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL, and Eric Lung (@Khlung1) of VXRL CVE-2019-8688: Insu Yun of SSLab at Georgia Tech CVE-2019-8689: lokihardt of Google Project Zero
Additional recognition
MobileInstallation We would like to acknowledge Dany Lisiansky (@DanyL931) for their assistance.
Installation note:
Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641
To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About".
Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2019:3187-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:3187 Issue date: 2019-10-23 CVE Names: CVE-2019-9506 =====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64 Red Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64
Security Fix(es):
- hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB) (CVE-2019-9506)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
-
Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)
-
powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) (BZ#1745436)
-
powerpc/pseries: Fix unitialized timer reset on migration / powerpc/pseries/mobility: Extend start/stop topology update scope (LPM) (BZ#1745438)
-
ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM (POWER9/P9) (BZ#1745446)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Package List:
Red Hat Enterprise Linux Server AUS (v. 7.4):
Source: kernel-3.10.0-693.60.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm
x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server E4S (v. 7.4):
Source: kernel-3.10.0-693.60.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm
ppc64le: kernel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm perf-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server TUS (v. 7.4):
Source: kernel-3.10.0-693.60.1.el7.src.rpm
noarch: kernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm kernel-doc-3.10.0-693.60.1.el7.noarch.rpm
x86_64: kernel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-devel-3.10.0-693.60.1.el7.x86_64.rpm kernel-headers-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm perf-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional AUS (v. 7.4):
x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional E4S (v. 7.4):
ppc64le: kernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm
x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
Red Hat Enterprise Linux Server Optional TUS (v. 7.4):
x86_64: kernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E KceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL A2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e Lbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl 1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA rx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak xg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT lQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo 3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8 zOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn RNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy Vdo262+aA6k= =FkCN -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "cornell-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c01e333r1p1t8\\)"
},
{
"_id": null,
"model": "p30",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "lelandp-l22d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "leland-tl10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "columbia-tl00d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.1.0.186\\(c01gt\\)"
},
{
"_id": null,
"model": "y6 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "19.04"
},
{
"_id": null,
"model": "tvos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"_id": null,
"model": "cairogo-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "cairogo-l22c461b153"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"_id": null,
"model": "princeton-tl10c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ever-l29b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.338\\(c185e3r3p1\\)"
},
{
"_id": null,
"model": "princeton-al10d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.341\\(c185e1r1p9t8\\)"
},
{
"_id": null,
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c185e2r1p12t8\\)"
},
{
"_id": null,
"model": "leland-l32c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "yale-tl00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e3r1p14t8\\)"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.12.6"
},
{
"_id": null,
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.307\\(c635e4r1p13t8\\)"
},
{
"_id": null,
"model": "virtualization host eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "4.2"
},
{
"_id": null,
"model": "nova 3",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"_id": null,
"model": "laya-al00ep",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c432e4r1p11t8\\)"
},
{
"_id": null,
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.158\\(c432e8r1p5t8\\)"
},
{
"_id": null,
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c782e10r1p9t8\\)"
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"_id": null,
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.332\\(c432e5r1p13t8\\)"
},
{
"_id": null,
"model": "lelandp-l22c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ares-al10d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c00e160r2p5t8\\)"
},
{
"_id": null,
"model": "y6 prime 2018",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sydney-l21",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "18.04"
},
{
"_id": null,
"model": "cornell-al00ind",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.2.0.141\\(c675custc675d1gt\\)"
},
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.0"
},
{
"_id": null,
"model": "paris-al00ic",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "atomu-l42",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.155\\(c636custc636d1\\)"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.155\\(c10e2r3p1\\)"
},
{
"_id": null,
"model": "madrid-tl00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"_id": null,
"model": "enterprise linux aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"_id": null,
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"_id": null,
"model": "florida-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c185e6r1p5t8\\)"
},
{
"_id": null,
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c636e3r1p13t8\\)"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"_id": null,
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.137\\(c33e8r1p5t8\\)"
},
{
"_id": null,
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.171\\(c10e2r3p1\\)"
},
{
"_id": null,
"model": "leland-tl10c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "madrid-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "cornell-al10ind",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.363\\(c675e2r1p9t8\\)"
},
{
"_id": null,
"model": "nova 5i pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "jakarta-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "yale-l21a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "cornell-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"_id": null,
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.351\\(c432e5r1p13t8\\)"
},
{
"_id": null,
"model": "nova lite 3",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.172\\(c432e2r5p1\\)"
},
{
"_id": null,
"model": "enterprise linux tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"_id": null,
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.336\\(c636e2r1p12t8\\)"
},
{
"_id": null,
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "sydney-l22",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "dura-tl00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "1.0.0.176\\(c01\\)"
},
{
"_id": null,
"model": "p20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "y9 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "potter-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "florida-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.128\\(c01e112r1p6t8\\)"
},
{
"_id": null,
"model": "sydneym-l22",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"_id": null,
"model": "lelandp-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "berkeley-tl10",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c01e333r1p1t8\\)"
},
{
"_id": null,
"model": "ubuntu linux",
"scope": "eq",
"trust": 1.0,
"vendor": "canonical",
"version": "16.04"
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"_id": null,
"model": "p30 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.342\\(c461e1r1p9t8\\)"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"_id": null,
"model": "figo-l23",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c605e6r1p5t8\\)"
},
{
"_id": null,
"model": "imanager neteco 6000",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "berkeley-l09",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c636e4r1p13t8\\)"
},
{
"_id": null,
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c432e7r1p11t8\\)"
},
{
"_id": null,
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c432e2r5p1\\)"
},
{
"_id": null,
"model": "tony-tl00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "harry-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "florida-l22",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c636e6r1p5t8\\)"
},
{
"_id": null,
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.149\\(c675e8r2p1\\)"
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"_id": null,
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.170\\(c185e2r5p1\\)"
},
{
"_id": null,
"model": "nova 5",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "leland-l42c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "honor 8a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "lelandp-al10d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "figo-tl10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.130\\(c01e115r2p8t8\\)"
},
{
"_id": null,
"model": "tony-al00b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c185e2r1p13t8\\)"
},
{
"_id": null,
"model": "london-al40ind",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "harry-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "johnson-tl00d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "alp-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"_id": null,
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.326\\(c635e2r1p11t8\\)"
},
{
"_id": null,
"model": "p smart",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.1"
},
{
"_id": null,
"model": "asoka-al00ax",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.1.181\\(c00e48r6p1\\)"
},
{
"_id": null,
"model": "columbia-al10i",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.335\\(c675e8r1p9t8\\)"
},
{
"_id": null,
"model": "sydneym-l23",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "ares-tl00c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.165\\(c01e165r2p5t8\\)"
},
{
"_id": null,
"model": "enterprise linux for real time for nfv eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"_id": null,
"model": "cornell-l29a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.347\\(c432e1r1p9t8\\)"
},
{
"_id": null,
"model": "enterprise linux for real time eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"_id": null,
"model": "katyusha-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "paris-l29b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sydneym-l01",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "florida-al20b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.128\\(c00e112r1p6t8\\)"
},
{
"_id": null,
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c185e3r1p12t8\\)"
},
{
"_id": null,
"model": "potter-al10a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"_id": null,
"model": "yale-l61c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "iphone os",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "12.4"
},
{
"_id": null,
"model": "sydney-l22br",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sydneym-al00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.328\\(c432e5r1p9t8\\)"
},
{
"_id": null,
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.170\\(c636e2r3p1\\)"
},
{
"_id": null,
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"_id": null,
"model": "dubai-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.2.0.190\\(c00r2p2\\)"
},
{
"_id": null,
"model": "android",
"scope": "eq",
"trust": 1.0,
"vendor": "google",
"version": null
},
{
"_id": null,
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c605e2r1p11t8\\)"
},
{
"_id": null,
"model": "honor 20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.143\\(c675e8r2p1\\)"
},
{
"_id": null,
"model": "hima-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "atomu-l33",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.147\\(c605custc605d1\\)"
},
{
"_id": null,
"model": "enterprise linux for real time for nfv",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7"
},
{
"_id": null,
"model": "bla-tl00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.329\\(c01e320r1p1t8\\)"
},
{
"_id": null,
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c636e7r1p13t8\\)"
},
{
"_id": null,
"model": "dura-al00a",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "1.0.0.182\\(c00\\)"
},
{
"_id": null,
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c636e2r1p12t8\\)"
},
{
"_id": null,
"model": "emily-l29c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "8.1.0.156\\(c605\\)"
},
{
"_id": null,
"model": "p smart 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.14.5"
},
{
"_id": null,
"model": "harry-tl00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux for real time",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8"
},
{
"_id": null,
"model": "y6 pro 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "honor view 10",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "berkeley-al20",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r2p1t8\\)"
},
{
"_id": null,
"model": "johnson-tl00f",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.122\\(c09e7r1p5t8\\)"
},
{
"_id": null,
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c10e5r1p14t8\\)"
},
{
"_id": null,
"model": "yalep-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "florida-l23",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c605e7r1p2t8\\)"
},
{
"_id": null,
"model": "yale-al50a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "emily-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.311\\(c461e2r1p11t8\\)"
},
{
"_id": null,
"model": "enterprise linux for real time for nfv eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"_id": null,
"model": "enterprise linux for real time eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"_id": null,
"model": "honor 8x",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "figo-l31",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.122d\\(c652\\)"
},
{
"_id": null,
"model": "mate 20 x",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "cornell-al00i",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.363\\(c675e3r1p9t8\\)"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"_id": null,
"model": "nova 4",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "leland-l42a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sydney-al00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.165\\(c10e8r1p5t8\\)"
},
{
"_id": null,
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c636e2r3p1\\)"
},
{
"_id": null,
"model": "columbia-l29d",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.350\\(c461e3r1p11t8\\)"
},
{
"_id": null,
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.2"
},
{
"_id": null,
"model": "leland-l32a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "neo-al00d",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sydneym-l03",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "honor 20 pro",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.154\\(c185e2r5p1\\)"
},
{
"_id": null,
"model": "mac os x",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.6"
},
{
"_id": null,
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.300\\(c605e2r1p12t8\\)"
},
{
"_id": null,
"model": "lelandp-l22a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "charlotte-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.325\\(c185e4r1p11t8\\)"
},
{
"_id": null,
"model": "leland-l31a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "atomu-l41",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.153\\(c461custc461d1\\)"
},
{
"_id": null,
"model": "imanager neteco",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "paris-l21b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"_id": null,
"model": "mate 20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "mrg realtime",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "2.0"
},
{
"_id": null,
"model": "y5 2018",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "yale-al00a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sydney-tl00",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "bla-l29c",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.306\\(c636e2r1p13t8\\)"
},
{
"_id": null,
"model": "lelandp-al00c",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sydney-l21br",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "columbia-al10b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.333\\(c00e333r1p1t8\\)"
},
{
"_id": null,
"model": "p20 pro",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "honor view 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.4"
},
{
"_id": null,
"model": "barca-al00",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "8.0.0.366\\(c00\\)"
},
{
"_id": null,
"model": "leland-l21a",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "paris-l21meb",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "princeton-al10b",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "florida-l21",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.150\\(c432e6r1p5t8\\)"
},
{
"_id": null,
"model": "ares-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.160\\(c00e160r2p5t8\\)"
},
{
"_id": null,
"model": "mate 20",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "watchos",
"scope": "eq",
"trust": 1.0,
"vendor": "apple",
"version": "5.3"
},
{
"_id": null,
"model": "honor 10 lite",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "y5 lite",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "bla-al00b",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.329\\(c786e320r2p1t8\\)"
},
{
"_id": null,
"model": "figo-l31",
"scope": "lt",
"trust": 1.0,
"vendor": "huawei",
"version": "9.1.0.137\\(c530e8r1p5t8\\)"
},
{
"_id": null,
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "15.1"
},
{
"_id": null,
"model": "y7 2019",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": "sydneym-l21",
"scope": "eq",
"trust": 1.0,
"vendor": "huawei",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blackberry",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bluetooth sig",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"credits": {
"_id": null,
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154949"
}
],
"trust": 0.7
},
"cve": "CVE-2019-9506",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2019-9506",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.1,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "ADJACENT NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 7.8,
"exploitability": "NOT DEFINED",
"exploitabilityScore": 6.5,
"id": "CVE-2019-9506",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "NOT DEFINED",
"reportConfidence": "NOT DEFINED",
"severity": "HIGH",
"targetDistribution": "NOT DEFINED",
"trust": 0.8,
"userInteractionRequired": null,
"vector_string": "AV:A/AC:L/Au:N/C:C/I:C/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-160941",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-9506",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "cret@cert.org",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-9506",
"impactScore": 4.7,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-9506",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "cret@cert.org",
"id": "CVE-2019-9506",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-9506",
"trust": 0.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201908-864",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-160941",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2019-9506",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"description": {
"_id": null,
"data": "The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka \"KNOB\") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing. Once the entropy is reduced, the attacker can brute-force the encryption key and use it to decrypt communications. Bluetooth BR/EDR is a Bluetooth BR/EDR (Basic Rate/Enhanced Data Rate) standard. An encryption issue vulnerability exists in Bluetooth BR/EDR 5.1 and earlier versions. The vulnerability stems from incorrect use of relevant cryptographic algorithms by network systems or products, resulting in improperly encrypted content, weak encryption, and storing sensitive information in plain text. A weakness in the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) protocol core specification exposes a vulnerability that could allow for an unauthenticated, adjacent malicious user to perform a man-in-the-middle attack on an encrypted Bluetooth connection. The attack must be performed during negotiation or renegotiation of a paired device connection; existing sessions cannot be attacked. \nThe issue could allow the malicious user to reduce the entropy of the negotiated session key that is used to secure a Bluetooth connection between a paired device and a host device. An attacker who can successfully inject a malicious message into a Bluetooth connection during session negotiation or renegotiation could cause the strength of the session key to be susceptible to brute force attack. \nThis advisory will be updated as additional information becomes available. There are no workarounds that address this vulnerability. \n\nThis advisory is available at the following link:\ntools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190813-bluetooth. 8.0) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. \n\nBug Fix(es):\n\n* Backport TCP follow-up for small buffers (BZ#1739184)\n\n* TCP performance regression after CVE-2019-11478 bug fix (BZ#1743170)\n\n* RHEL8.0 - bnx2x link down, caused by transmit timeouts during load test\n(Marvell/Cavium/QLogic) (L3:) (BZ#1743548)\n\n* block: blk-mq improvement (BZ#1780567)\n\n* RHEL8.0 - Regression to RHEL7.6 by changing force_latency found during\nRHEL8.0 validation for SAP HANA on POWER (BZ#1781111)\n\n* blk-mq: overwirte performance drops on real MQ device (BZ#1782183)\n\n* RHEL8: creating vport takes lot of memory i.e 2GB per vport which leads\nto drain out system memory quickly. (BZ#1782705)\n\n4. 7) - aarch64, noarch, ppc64le\n\n3. \n\nBug Fix(es):\n\n* kernel modules pkey and paes_s390 are not available (BZ#1719192)\n\n* pkey: Indicate old mkvp only if old and curr. mkvp are different\n(BZ#1720621)\n\n* System dropped into Mon running softboots Exception: 501 (Hardware\nInterrupt) at c00000000000a814 replay_interrupt_return+0x0/0x4 (ipmi)\n(BZ#1737563)\n\n* kernel: jump label transformation performance (BZ#1739143)\n\n* Backport i40e MDD detection removal for PFs (BZ#1747618)\n\n4. 7.5) - ppc64, ppc64le, x86_64\n\n3. \n\nBug Fix(es):\n\n* TCP packets are segmented when sent to the VLAN device when coming from\nVXLAN dev. 7.6) - ppc64le, x86_64\n\n3. Description:\n\nThis is a kernel live patch module which is automatically loaded by the RPM\npost-install script to modify the code of a running kernel. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nBug Fix(es):\n\n* kernel build: parallelize redhat/mod-sign.sh (BZ#1755326)\n\n4. \n\nBug Fix(es):\n\n* update the MRG 2.5.z 3.10 realtime-kernel sources (BZ#1751263)\n\n4. ==========================================================================\nUbuntu Security Notice USN-4147-1\nOctober 04, 2019\n\nlinux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe,\nlinux-kvm, linux-raspi2, linux-snapdragon vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 19.04\n- Ubuntu 18.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux: Linux kernel\n- linux-aws: Linux kernel for Amazon Web Services (AWS) systems\n- linux-azure: Linux kernel for Microsoft Azure Cloud systems\n- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems\n- linux-kvm: Linux kernel for cloud environments\n- linux-raspi2: Linux kernel for Raspberry Pi 2\n- linux-snapdragon: Linux kernel for Snapdragon processors\n- linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems\n- linux-hwe: Linux hardware enablement (HWE) kernel\n\nDetails:\n\nIt was discovered that the Intel Wi-Fi device driver in the Linux kernel\ndid not properly validate certain Tunneled Direct Link Setup (TDLS). A\nphysically proximate attacker could use this to cause a denial of service\n(Wi-Fi disconnect). (CVE-2019-0136)\n\nIt was discovered that the Bluetooth UART implementation in the Linux\nkernel did not properly check for missing tty operations. A local attacker\ncould use this to cause a denial of service. (CVE-2019-10207)\n\nIt was discovered that the GTCO tablet input driver in the Linux kernel did\nnot properly bounds check the initial HID report sent by the device. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-13631)\n\nIt was discovered that an out-of-bounds read existed in the QLogic QEDI\niSCSI Initiator Driver in the Linux kernel. A local attacker could possibly\nuse this to expose sensitive information (kernel memory). (CVE-2019-15090)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for the\nLinux kernel did not properly validate device meta data. A physically\nproximate attacker could use this to cause a denial of service (system\ncrash). (CVE-2019-15117)\n\nHui Peng and Mathias Payer discovered that the USB audio driver for the\nLinux kernel improperly performed recursion while handling device meta\ndata. A physically proximate attacker could use this to cause a denial of\nservice (system crash). (CVE-2019-15118)\n\nIt was discovered that the Raremono AM/FM/SW radio device driver in the\nLinux kernel did not properly allocate memory, leading to a use-after-free. \nA physically proximate attacker could use this to cause a denial of service\nor possibly execute arbitrary code. (CVE-2019-15211)\n\nIt was discovered at a double-free error existed in the USB Rio 500 device\ndriver for the Linux kernel. A physically proximate attacker could use this\nto cause a denial of service. (CVE-2019-15212)\n\nIt was discovered that a race condition existed in the CPiA2 video4linux\ndevice driver for the Linux kernel, leading to a use-after-free. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2019-15215)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54\ndevice driver in the Linux kernel. A physically proximate attacker could\nuse this to cause a denial of service (system crash). (CVE-2019-15220)\n\nBenjamin Moody discovered that the XFS file system in the Linux kernel did\nnot properly handle an error condition when out of disk quota. A local\nattacker could possibly use this to cause a denial of service. \n(CVE-2019-15538)\n\nIt was discovered that the Hisilicon HNS3 ethernet device driver in the\nLinux kernel contained an out of bounds access vulnerability. A local\nattacker could use this to possibly cause a denial of service (system\ncrash). (CVE-2019-15925)\n\nIt was discovered that the Atheros mobile chipset driver in the Linux\nkernel did not properly validate data in some situations. An attacker could\nuse this to cause a denial of service (system crash). (CVE-2019-15926)\n\nDaniele Antonioli, Nils Ole Tippenhauer, and Kasper B. A physically proximate attacker\ncould use this to expose sensitive information. (CVE-2019-9506)\n\nIt was discovered that ZR364XX Camera USB device driver for the Linux\nkernel did not properly initialize memory. A physically proximate attacker\ncould use this to cause a denial of service (system crash). \n(CVE-2019-15217)\n\nIt was discovered that the Siano USB MDTV receiver device driver in the\nLinux kernel made improper assumptions about the device characteristics. A\nphysically proximate attacker could use this cause a denial of service\n(system crash). (CVE-2019-15218)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux kernel\ndid not properly validate data size information from the device. A\nphysically proximate attacker could use this to cause a denial of service\n(system crash). (CVE-2019-15221)\n\nIt was discovered that the Line 6 USB driver for the Linux kernel contained\na race condition when the device was disconnected. A physically proximate\nattacker could use this to cause a denial of service (system crash). \n(CVE-2019-15223)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 19.04:\n linux-image-5.0.0-1018-aws 5.0.0-1018.20\n linux-image-5.0.0-1019-kvm 5.0.0-1019.20\n linux-image-5.0.0-1019-raspi2 5.0.0-1019.19\n linux-image-5.0.0-1020-gcp 5.0.0-1020.20\n linux-image-5.0.0-1022-azure 5.0.0-1022.23\n linux-image-5.0.0-1023-snapdragon 5.0.0-1023.24\n linux-image-5.0.0-31-generic 5.0.0-31.33\n linux-image-5.0.0-31-generic-lpae 5.0.0-31.33\n linux-image-5.0.0-31-lowlatency 5.0.0-31.33\n linux-image-aws 5.0.0.1018.19\n linux-image-azure 5.0.0.1022.21\n linux-image-gcp 5.0.0.1020.46\n linux-image-generic 5.0.0.31.32\n linux-image-generic-lpae 5.0.0.31.32\n linux-image-gke 5.0.0.1020.46\n linux-image-kvm 5.0.0.1019.19\n linux-image-lowlatency 5.0.0.31.32\n linux-image-raspi2 5.0.0.1019.16\n linux-image-snapdragon 5.0.0.1023.16\n linux-image-virtual 5.0.0.31.32\n\nUbuntu 18.04 LTS:\n linux-image-5.0.0-1020-gke 5.0.0-1020.20~18.04.1\n linux-image-5.0.0-31-generic 5.0.0-31.33~18.04.1\n linux-image-5.0.0-31-generic-lpae 5.0.0-31.33~18.04.1\n linux-image-5.0.0-31-lowlatency 5.0.0-31.33~18.04.1\n linux-image-generic-hwe-18.04 5.0.0.31.88\n linux-image-generic-lpae-hwe-18.04 5.0.0.31.88\n linux-image-gke-5.0 5.0.0.1020.9\n linux-image-lowlatency-hwe-18.04 5.0.0.31.88\n linux-image-snapdragon-hwe-18.04 5.0.0.31.88\n linux-image-virtual-hwe-18.04 5.0.0.31.88\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n https://usn.ubuntu.com/4147-1\n CVE-2019-0136, CVE-2019-10207, CVE-2019-13631, CVE-2019-15090,\n CVE-2019-15117, CVE-2019-15118, CVE-2019-15211, CVE-2019-15212,\n CVE-2019-15215, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220,\n CVE-2019-15221, CVE-2019-15223, CVE-2019-15538, CVE-2019-15925,\n CVE-2019-15926, CVE-2019-9506\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33\n https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20\n https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23\n https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20\n https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20\n https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19\n https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24\n https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1\n https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-8-13-3 Additional information for\nAPPLE-SA-2019-7-22-4 watchOS 5.3\n\nwatchOS 5.3 addresses the following:\n\nBluetooth\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker in a privileged network position may be able to\nintercept Bluetooth traffic (Key Negotiation of Bluetooth - KNOB)\nDescription: An input validation issue existed in Bluetooth. This\nissue was addressed with improved input validation. \nCVE-2019-9506: Daniele Antonioli of SUTD, Singapore, Dr. Kasper Rasmussen of\nUniversity of Oxford, England\nEntry added August 13, 2019\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A use after free issue was addressed with improved\nmemory management. \nCVE-2019-8647: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nCore Data\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8660: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nDigital Touch\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8624: Natalie Silvanovich of Google Project Zero\n\nFaceTime\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause arbitrary code\nexecution\nDescription: A memory corruption issue was addressed with improved\ninput validation. \nCVE-2019-8648: Tao Huang and Tielei Wang of Team Pangu\n\nFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8641: Samuel Gro\u00df and Natalie Silvanovich of Google Project\nZero\n\nHeimdal\nAvailable for: Apple Watch Series 1 and later\nImpact: An issue existed in Samba that may allow attackers to perform\nunauthorized actions by intercepting communications between services\nDescription: This issue was addressed with improved checks to prevent\nunauthorized actions. \nCVE-2018-16860: Isaac Boukris and Andrew Bartlett of the Samba Team\nand Catalyst\n\nlibxslt\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to view sensitive information\nDescription: A stack overflow was addressed with improved input\nvalidation. \nCVE-2019-13118: found by OSS-Fuzz\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: Users removed from an iMessage conversation may still be able\nto alter state\nDescription: This issue was addressed with improved checks. \nCVE-2019-8659: Ryan Kontos (@ryanjkontos), Will Christensen of\nUniversity of Oregon\n\nMessages\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may cause an unexpected application\ntermination\nDescription: A denial of service issue was addressed with improved\nvalidation. \nCVE-2019-8665: Michael Hernandez of XYZ Marketing\n\nQuick Look\nAvailable for: Apple Watch Series 1 and later\nImpact: An attacker may be able to trigger a use-after-free in an\napplication deserializing an untrusted NSDictionary\nDescription: This issue was addressed with improved checks. \nCVE-2019-8662: Natalie Silvanovich and Samuel Gro\u00df of Google Project\nZero\n\nSiri\nAvailable for: Apple Watch Series 1 and later\nImpact: A remote attacker may be able to leak memory\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8646: Natalie Silvanovich of Google Project Zero\n\nUIFoundation\nAvailable for: Apple Watch Series 1 and later\nImpact: Parsing a maliciously crafted office document may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out-of-bounds read was addressed with improved input\nvalidation. \nCVE-2019-8657: riusksk of VulWar Corp working with Trend Micro\u0027s Zero\nDay Initiative\n\nWallet\nAvailable for: Apple Watch Series 1 and later\nImpact: A user may inadvertently complete an in-app purchase while on\nthe lock screen\nDescription: The issue was addressed with improved UI handling. \nCVE-2019-8682: Jeff Braswell (JeffBraswell.com)\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\nuniversal cross site scripting\nDescription: A logic issue was addressed with improved state\nmanagement. \nCVE-2019-8658: akayn working with Trend Micro\u0027s Zero Day Initiative\n\nWebKit\nAvailable for: Apple Watch Series 1 and later\nImpact: Processing maliciously crafted web content may lead to\narbitrary code execution\nDescription: Multiple memory corruption issues were addressed with\nimproved memory handling. \nCVE-2019-8669: akayn working with Trend Micro\u0027s Zero Day Initiative\nCVE-2019-8672: Samuel Gro\u00df of Google Project Zero\nCVE-2019-8676: Soyeon Park and Wen Xu of SSLab at Georgia Tech\nCVE-2019-8683: lokihardt of Google Project Zero\nCVE-2019-8684: lokihardt of Google Project Zero\nCVE-2019-8685: akayn, Dongzhuo Zhao working with ADLab of Venustech,\nKen Wong (@wwkenwong) of VXRL, Anthony Lai (@darkfloyd1014) of VXRL,\nand Eric Lung (@Khlung1) of VXRL\nCVE-2019-8688: Insu Yun of SSLab at Georgia Tech\nCVE-2019-8689: lokihardt of Google Project Zero\n\nAdditional recognition\n\nMobileInstallation\nWe would like to acknowledge Dany Lisiansky (@DanyL931) for their\nassistance. \n\nInstallation note:\n\nInstructions on how to update your Apple Watch software are\navailable at https://support.apple.com/kb/HT204641\n\nTo check the version on your Apple Watch, open the Apple Watch app\non your iPhone and select \"My Watch \u003e General \u003e About\". \n\nAlternatively, on your watch, select \"My Watch \u003e General \u003e About\". -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: kernel security and bug fix update\nAdvisory ID: RHSA-2019:3187-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:3187\nIssue date: 2019-10-23\nCVE Names: CVE-2019-9506 \n=====================================================================\n\n1. Summary:\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.4\nAdvanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update\nSupport, and Red Hat Enterprise Linux 7.4 Update Services for SAP\nSolutions. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4) - noarch, x86_64\nRed Hat Enterprise Linux Server E4S (v. 7.4) - noarch, ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4) - ppc64le, x86_64\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4) - x86_64\nRed Hat Enterprise Linux Server TUS (v. 7.4) - noarch, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* hardware: bluetooth: BR/EDR encryption key negotiation attacks (KNOB)\n(CVE-2019-9506)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\nBug Fix(es):\n\n* Fix possible Spectre-v1 bugs in wireless code (BZ#1706696)\n\n* powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas:\nFix a potential race between CPU-Offline \u0026 Migration (LPM) (BZ#1745436)\n\n* powerpc/pseries: Fix unitialized timer reset on migration /\npowerpc/pseries/mobility: Extend start/stop topology update scope (LPM)\n(BZ#1745438)\n\n* ISST-LTE:PVM:Zeppelin :LPM: Failure logs and stack trace seen during LPM\n(POWER9/P9) (BZ#1745446)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect. \n\n5. Package List:\n\nRed Hat Enterprise Linux Server AUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server E4S (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nppc64le:\nkernel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-bootwrapper-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-headers-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server TUS (v. 7.4):\n\nSource:\nkernel-3.10.0-693.60.1.el7.src.rpm\n\nnoarch:\nkernel-abi-whitelists-3.10.0-693.60.1.el7.noarch.rpm\nkernel-doc-3.10.0-693.60.1.el7.noarch.rpm\n\nx86_64:\nkernel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-devel-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-headers-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-3.10.0-693.60.1.el7.x86_64.rpm\nperf-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional AUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional E4S (v. 7.4):\n\nppc64le:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debug-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-debuginfo-common-ppc64le-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.ppc64le.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.ppc64le.rpm\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional TUS (v. 7.4):\n\nx86_64:\nkernel-debug-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-debuginfo-common-x86_64-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\nkernel-tools-libs-devel-3.10.0-693.60.1.el7.x86_64.rpm\nperf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\npython-perf-debuginfo-3.10.0-693.60.1.el7.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXbAXitzjgjWX9erEAQh25A/9FrjeF3eVkgGwc/RvTRPF/Qqb44x+l61E\nKceVqzr3avw9TDoiCA8e35ZYwNBvpN6YW/VDiI0vSyj2nQp57xFK48ybhUvXGUKL\nA2dXn793a3ZBKIp4wVVQKyjBsAI31MT/AZDKrzlugszWlV25u/mc2tC4Yndbe+8e\nLbwf2VvKdvtlH26Cadv1UN9YsnmtQuNdGp9NrRbttTCW9rMmHtkoQ/yT4rcS/7Fl\n1tu2j2Yoi0GEG9wXWda7cbpd2jLCcpjwIYnrjRNOuMNVSugRKRcAY1rMwpL5dVpA\nrx2bi3X3HhCpGTgZSJbl9fz2f1J71o9WoUSybaT36Uc50iOs7anoHc82XPGFvkak\nxg+mkIVNkwGxW9pkum8tZANjhDwyGJl0bpS98zkzpNiBqdrGdN4V9qMmhqmEa/lT\nlQ7haJR1rqboIzS5uSpTL/a79blwDjnMNsZ3D+c6xFfjsq8yu1zGfDWBbMdoc1Zo\n3CNT4+pdBr5ASdlE7R3G+8Zx77WSK2MLxRnzzHBF6KphF4LOOUJmefpZ0KQRGkN8\nzOKjvsynVKSzqt++WJrij+U74KL65PZokF8kKSc0yDhgYRaeqK6QIwe+Dbn/YUsn\nRNBi1ZoILHB9nMxbT5OlEVf/0EJl7oD1zINT0n7S8b86gRnfHdMLlvZ1Kcfjs0Sy\nVdo262+aA6k=\n=FkCN\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-9506"
},
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154740"
},
{
"db": "PACKETSTORM",
"id": "154056"
},
{
"db": "PACKETSTORM",
"id": "154949"
}
],
"trust": 2.61
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2019-9506",
"trust": 2.7
},
{
"db": "CERT/CC",
"id": "VU#918987",
"trust": 2.6
},
{
"db": "PACKETSTORM",
"id": "157216",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "156058",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2020.0141",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1366",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1189",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1366.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4346.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4676",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0262",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3115",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4252",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.1338",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4584",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-27173",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "155017",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154949",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154936",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "155004",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-160941",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-9506",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "155005",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154779",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154740",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154056",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154740"
},
{
"db": "PACKETSTORM",
"id": "154056"
},
{
"db": "PACKETSTORM",
"id": "154949"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"id": "VAR-201908-1958",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
}
],
"trust": 0.6336539925
},
"last_update_date": "2026-04-10T23:16:47.566000Z",
"patch": {
"_id": null,
"data": [
{
"title": "Bluetooth Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=96553"
},
{
"title": "The Register",
"trust": 0.2,
"url": "https://www.theregister.co.uk/2019/08/22/cisco_patch_bundle/"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193187 - Security Advisory"
},
{
"title": "Red Hat: Important: kpatch-patch security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193231 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20192975 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193165 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193218 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20201460 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193220 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193089 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193055 - Security Advisory"
},
{
"title": "Red Hat: Important: kernel-alt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193217 - Security Advisory"
},
{
"title": "Red Hat: Important: kpatch-patch security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193076 - Security Advisory"
},
{
"title": "Red Hat: CVE-2019-9506",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=CVE-2019-9506"
},
{
"title": "Cisco: Key Negotiation of Bluetooth Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190813-bluetooth"
},
{
"title": "HP: HPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=HPSBPI03634"
},
{
"title": "Red Hat: Important: kernel security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20200204 - Security Advisory"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=814c3d5b0bc03fc1c34e62dbc5cf6bf7"
},
{
"title": "HP: SUPPORT COMMUNICATION- SECURITY BULLETIN\nHPSBPI03634 rev. 1 - HP OfficeJet Mobile and Sprocket Printers KNOB Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=hp_bulletin\u0026qid=20bba81176880ee641f9d46354adc125"
},
{
"title": "Red Hat: Important: kernel security, bug fix, and enhancement update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193517 - Security Advisory"
},
{
"title": "Huawei Security Advisories: Security Advisory - Key Negotiation of Bluetooth (KNOB) Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=huawei_security_advisories\u0026qid=4da976eef66883f5331725800e5cf063"
},
{
"title": "Red Hat: Important: kernel-rt security and bug fix update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20193309 - Security Advisory"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4147-1"
},
{
"title": "Fortinet Security Advisories: CVE-2019-9506 Encryption Key Negotiation of Bluetooth Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=FG-IR-19-224"
},
{
"title": "Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 regression",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-2"
},
{
"title": "Ubuntu Security Notice: linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4115-1"
},
{
"title": "Ubuntu Security Notice: linux-aws vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-4118-1"
},
{
"title": "knob",
"trust": 0.1,
"url": "https://github.com/francozappa/knob "
},
{
"title": "bluetooth-KNOB",
"trust": 0.1,
"url": "https://github.com/u10427687/bluetooth-KNOB "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/makaubenson/Fix-BT-Ubuntu "
},
{
"title": "broadcom-bt-firmware",
"trust": 0.1,
"url": "https://github.com/winterheart/broadcom-bt-firmware "
},
{
"title": "broadcom-bt-firmware",
"trust": 0.1,
"url": "https://github.com/AlexandrBing/broadcom-bt-firmware "
},
{
"title": "Protocol-Vul",
"trust": 0.1,
"url": "https://github.com/WinMin/Protocol-Vul "
},
{
"title": "awesome-bluetooth-security",
"trust": 0.1,
"url": "https://github.com/engn33r/awesome-bluetooth-security "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/JeffroMF/awesome-bluetooth-security321 "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000S/PoC-in-GitHub "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xT11/CVE-POC "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/PoC-in-GitHub "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/PoC-in-GitHub "
},
{
"title": "Symantec Threat Intelligence Blog",
"trust": 0.1,
"url": "https://www.symantec.com/blogs/threat-intelligence/microsoft-patch-tuesday-august-2019"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/cisco-patches-six-critical-bugs/147585/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/lenovo-warns-bugs-thinkpads/147338/"
},
{
"title": "Threatpost",
"trust": 0.1,
"url": "https://threatpost.com/wormable-remote-desktop-bugs-august-patch-tuesday/147302/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-traffic/"
},
{
"title": "BleepingComputer",
"trust": 0.1,
"url": "https://www.bleepingcomputer.com/news/security/new-bluetooth-knob-flaw-lets-attackers-manipulate-connections/"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "CWE-310",
"trust": 1.1
},
{
"problemtype": "CWE-327",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 2.5,
"url": "https://access.redhat.com/errata/rhsa-2020:0204"
},
{
"trust": 2.0,
"url": "https://access.redhat.com/errata/rhsa-2019:3187"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:2975"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3165"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3217"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3218"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:3231"
},
{
"trust": 1.8,
"url": "https://www.kb.cert.org/vuls/id/918987/"
},
{
"trust": 1.8,
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190828-01-knob-en"
},
{
"trust": 1.8,
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth/"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/11"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/13"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/14"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/aug/15"
},
{
"trust": 1.8,
"url": "http://www.cs.ox.ac.uk/publications/publication12404-abstract.html"
},
{
"trust": 1.8,
"url": "https://www.usenix.org/conference/usenixsecurity19/presentation/antonioli"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3055"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3076"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3089"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3220"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3309"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:3517"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00037.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00036.html"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"trust": 1.8,
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"trust": 1.6,
"url": "https://www.bluetooth.com/security/statement-key-negotiation-of-bluetooth"
},
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9506"
},
{
"trust": 0.9,
"url": "https://github.com/francozappa/knob"
},
{
"trust": 0.8,
"url": "https://www.bluetooth.com/specifications/adopted-specifications"
},
{
"trust": 0.8,
"url": "https://www.usenix.org/system/files/sec19-antonioli.pdf"
},
{
"trust": 0.8,
"url": "https://www.icasi.org/br-edr-encryption-key-bluetooth-vulnerability/"
},
{
"trust": 0.8,
"url": "http://support.blackberry.com/kb/articledetail?articlenumber=000057251"
},
{
"trust": 0.7,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190813-bluetooth"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.7,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.7,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2019-9506"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193294-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193295-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192984-1.html"
},
{
"trust": 0.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192953-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192952-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192951-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192950-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192949-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192948-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192947-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192946-1.html"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/157216/red-hat-security-advisory-2020-1460-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1338/"
},
{
"trust": 0.6,
"url": "https://portal.msrc.microsoft.com/zh-cn/security-guidance/advisory/cve-2019-9506"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-27173"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210353"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4676/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346/"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210346"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4252/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4584/"
},
{
"trust": 0.6,
"url": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20190828-01-knob-cn"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0141/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0262/"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/156058/red-hat-security-advisory-2020-0204-01.html"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3115/"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/bluetooth-br-edr-information-disclosure-via-key-negotiation-30041"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4346.2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1189/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1366/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.1366.2/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/327.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.kb.cert.org/vuls/id/918987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-5489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0154"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0154"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12207"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-16884"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11135"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0155"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-0155"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14901"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-5489"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14901"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10126"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/vulnerabilities/ifu-page-mce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12207"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11135"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16884"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-3900"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-10126"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11810"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11810"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-9500"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20856"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-10902"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9500"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-10902"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20856"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-1125"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-1125"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/articles/4329821"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15223"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15538"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4147-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10207"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15221"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15090"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15217"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13631"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15925"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15117"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15220"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15211"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15218"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15215"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0136"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15212"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8659"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht204641"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8669"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8646"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8688"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8672"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8658"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8648"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8641"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8647"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8684"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8683"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8624"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8682"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8665"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8660"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8657"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8689"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8676"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8685"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8662"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
},
{
"db": "VULHUB",
"id": "VHN-160941"
},
{
"db": "VULMON",
"id": "CVE-2019-9506"
},
{
"db": "PACKETSTORM",
"id": "156058"
},
{
"db": "PACKETSTORM",
"id": "155005"
},
{
"db": "PACKETSTORM",
"id": "154779"
},
{
"db": "PACKETSTORM",
"id": "155017"
},
{
"db": "PACKETSTORM",
"id": "155004"
},
{
"db": "PACKETSTORM",
"id": "154936"
},
{
"db": "PACKETSTORM",
"id": "154740"
},
{
"db": "PACKETSTORM",
"id": "154056"
},
{
"db": "PACKETSTORM",
"id": "154949"
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
},
{
"db": "NVD",
"id": "CVE-2019-9506"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#918987",
"ident": null
},
{
"db": "VULHUB",
"id": "VHN-160941",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2019-9506",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "156058",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "155005",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "154779",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "155017",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "155004",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "154936",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "154740",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "154056",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "154949",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-201908-864",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2019-9506",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2019-08-14T00:00:00",
"db": "CERT/CC",
"id": "VU#918987",
"ident": null
},
{
"date": "2019-08-14T00:00:00",
"db": "VULHUB",
"id": "VHN-160941",
"ident": null
},
{
"date": "2019-08-14T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9506",
"ident": null
},
{
"date": "2020-01-23T00:26:55",
"db": "PACKETSTORM",
"id": "156058",
"ident": null
},
{
"date": "2019-10-29T14:49:28",
"db": "PACKETSTORM",
"id": "155005",
"ident": null
},
{
"date": "2019-10-08T20:44:06",
"db": "PACKETSTORM",
"id": "154779",
"ident": null
},
{
"date": "2019-10-29T14:59:12",
"db": "PACKETSTORM",
"id": "155017",
"ident": null
},
{
"date": "2019-10-29T14:48:28",
"db": "PACKETSTORM",
"id": "155004",
"ident": null
},
{
"date": "2019-10-22T17:27:00",
"db": "PACKETSTORM",
"id": "154936",
"ident": null
},
{
"date": "2019-10-05T14:13:57",
"db": "PACKETSTORM",
"id": "154740",
"ident": null
},
{
"date": "2019-08-14T20:32:22",
"db": "PACKETSTORM",
"id": "154056",
"ident": null
},
{
"date": "2019-10-23T18:29:02",
"db": "PACKETSTORM",
"id": "154949",
"ident": null
},
{
"date": "2019-08-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-864",
"ident": null
},
{
"date": "2019-08-14T17:15:11.597000",
"db": "NVD",
"id": "CVE-2019-9506",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2020-05-15T00:00:00",
"db": "CERT/CC",
"id": "VU#918987",
"ident": null
},
{
"date": "2021-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-160941",
"ident": null
},
{
"date": "2021-11-04T00:00:00",
"db": "VULMON",
"id": "CVE-2019-9506",
"ident": null
},
{
"date": "2021-11-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201908-864",
"ident": null
},
{
"date": "2024-11-21T04:51:45.113000",
"db": "NVD",
"id": "CVE-2019-9506",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
],
"trust": 0.6
},
"title": {
"_id": null,
"data": "Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks",
"sources": [
{
"db": "CERT/CC",
"id": "VU#918987"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201908-864"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.